On the Net today we face a choice between freedom and captivity, independence and dependence. How we build the Internet of Things has far-reaching consequences for the humans who will use—or be used by—it. Will we push forward, connecting things using forests of silos that are reminiscent the online services of the 1980’s, or will we learn the lessons of the Internet and build a true Internet of Things?

In other words, an Internet of Me (#IoM) and My Things. Meaning things we own that belong to us, under our control, and not puppeted by giant companies using them to snarf up data about our lives. Which is the #IoT status quo today.

To be discussed, among other things, is personal privacy, secured in distributed and crypto-secured sovereign personal spaceson your personal devices. Possibly using blockchains, or approaches like it.

Blockstack is a “decentralized DNS for blockchain applications” that “gives you fast, secure, and easy-to-use DNS, PKI, and identity management on the blockchain.” More: “When you run a Blockstack node, you join this network, which is more secure by design than traditional DNS systems and identity systems. This is because the system’s registry and its records are secured by an underlying blockchain, which is extremely resilient against tampering and control. In the registry that makes up Blockstack, each of the names has an owner, represented by a cryptographic keypair, and is associated with instructions for how DNS resolvers and other software should resolve the name.” Here’s the academic paper explaining it.

The Blockstack Community is “a group of blockchain companies and nonprofits coming together to define and develop a set of software protocols and tools to serve as a common backend for blockchain-powered decentralized applications.” Pull quote: “For example, a developer could use Blockstack to develop a new web architecture which uses Blockstack to host and name websites, decentralizing web publishing and circumventing the traditional DNS and web hosting systems. Similarly, an application could be developed which uses Blockstack to host media files and provide a way to tag them with attribution information so they’re easy to find and link together, creating a decentralized alternative to popular video streaming or image sharing websites. These examples help to demonstrate the powerful potential of Blockstack to fundamentally change the way modern applications are built by removing the need for a “trusted third party” to host applications, and by giving users more control.” More here.

OpenBazaar is “an open peer to peer marketplace.” How it works: “you download and install a program on your computer that directly connects you to other people looking to buy and sell goods and services with you.” More here and here.

Mediachain, from Mine, has this goal: “to unbundle identity & distribution.” More here and here.

telehash is “a lightweight interoperable protocol with strong encryption to enable mesh networking across multiple transports and platforms,” from @Jeremie Miller and other friends who gave us jabber/xmpp.

Etherium is “a decentralized platform that runs smart contracts: applications that run exactly as programmed without any possibility of downtime, censorship, fraud or third party interference.”

Keybase is a way to “get a public key, safely, starting just with someone’s social media username(s).”

Ideally, we would have people from all the projects above at IIW. For those not already familiar with it, IIW is a three-day unconference, meaning it’s all breakouts, with topics chosen by participants, entirely for the purpose of getting like-minded do-ers together to move their work forward. IIW has been doing that for many causes and projects since the first one, in 2005.

The production end is a different animal. Or herd of animals, eventually. Expect professional gear from all the usual sources, showing up at CES starting next year and on store shelves shortly thereafter. Walking around like a dork holding a mobile in front of you will look in 2018 like holding a dial-phone handset to your head looks today.

Whatever else happens, the rights clearing question gets very personal. Do you want to be broadcast and/or recorded by others or not? What are the social and device protocols for that? (The VRM dev community has designed one for the glasses above. See the ⊂ ⊃ in the glasses? That’s one. Each corner light is another.)

As for the relevance of standing law, almost none of it applies at the technical level. Simply put, all copyright laws were created in times when digital life was unimaginable (e.g. Stature of Anne, ASCAP), barely known (Act of 1976), or highly feared (WIPO, CTEA, DMCA).

How would we write new laws for an age that has barely started? Or why start with laws at all? (Nearly all regulation protects yesterday from last Thursday. And too often its crafted by know-nothings.)

We’ve only been living the networked life since graphical browsers and ISPs arrived in the mid-90’s. Meanwhile we’ve had thousands of years to develop civilization in the physical world. Which means that, relatively speaking, networked life is Eden. It’s brand new here, and we’re all naked. That’s why it’s so easy anybody to see everything about us online.

How will we create the digital equivalents of the privacy technologies we call clothing and shelter? Is the first answer a technical one, a policy one, or both? Which should come first? (In Europe and Australia, policy already has.)

Protecting the need for artists to make money is part of the picture. But it’s not the only part. And laws are only one way to protect artists, or anybody.

Manners come first, and we barely have those yet, if at all. None of the big companies that currently dominate our digital lives have fully thought out how to protect anybody’s privacy. Those that come closest are ones we pay directly, and are financially accountable to us.

Apple, for example, is doing more and more to isolate personal data to spaces the individual controls and the company can’t see. Google and Facebook both seem to regard personal privacy as a bug in online life, rather than a feature of it. (Note that, at least for their most popular services, we pay those two companies nothing. We are mere consumers whose lives are sold to the company’s actual customers, which are advertisers.)

Bottom line: the legal slate is covered in chalk, but the technical one is close to clean. What do we want to write there?

We’ll be talking about this, and many other things, at VRM Day (6 April) and IIW (7-9 April) in the Computer History Museum in downtown Silicon Valley (101 & Shoreline, Mountain View).

IIW XX — the 20th IIW — comes at a critical inflection point in the history of VRM. If you’re looking for a point of leverage on the future of customer liberation, independence and empowerment, this is it. Wall Street-sized companies around the world are beginning to grok what Main Street ones have always known: customers aren’t just “targets” to be “acquired,” “managed,” “controlled” and “locked in.” In other words, Cluetrain was right when it said this, in 1999:

if you only have time for one clue this year, this is the one to get…

Now it is finally becoming clear that free customers are more valuable than captive ones: to themselves, to the companies they deal with, and to the marketplace.

But how, exactly? That’s what we’ll be working on at IIW, which runs from April 7 to 9 at the Computer History Museum, in the heart of Silicon Valley: the best venue ever created for a get-stuff-done unconference. Focusing our work is a VRM maturity framework that gives every company, analyst and journalist a list of VRM competencies, and every VRM developer a context in which to show which of those competencies they provide, and how far along they are along the maturity path. This will start paving the paths along which individuals, tool and service providers and corporate systems (e.g. CRM) can finally begin to fit their pieces together. It will also help legitimize VRM as a category. If you have a VRM or related company, now is the time to jump in and participate in the conversation. Literally. Here are some of the VRM topics and technology categories that we’ll be talking about, and placing in context in the VRM maturity framework:

The Interactive Advertising Bureau lashed out Saturday at a new Firefox policy to block third-party cookies, effectively cutting off ad networks’ ability to track users. That could be put a crimp in the growing online behavioral advertising business, but give privacy advocates a victory in their attempts to give users more control over their online information.

Mike Zaneis (@MikeZaneis), the organization’s svp and general counsel tweeted that Mozilla’s new policy was nothing less than “a nuclear first strike against the ad industry.”

Firefox will begin blocking the cookies from third-party ad networks by default beginning with distribution of Firefox version 22 on April 5. The browser would allow cookies from first party websites that users visit, according to Jonathan Mayer, a grad student at Standford University who wrote the patch for Mozilla.

Firefox’s new cookie policy is similar to Apple Safari, but “slightly relaxed,” Mayer said in a blog post. In practice, both Google Chrome and Microsoft Internet Explorer allow third-party cookies.

The links are mine.

For a good picture of the debate at work, read the whole thread below Mike’s tweet. In it you’ll see how hard it is to draw lines we don’t want others to cross. If we’re Mike and the IAB, we want to draw the line as far out as our self-reguatory principles for online behavioral advertising allow. That line is inclusive of (presumably) harmless forms of tracking. If you’re Chris Saghoian (@csaghoian), one of the creators of Do Not Track (and a voice in that thread), the line not to cross is the personal one that surrounds one’s private spaces. Among those is the vehicle called a browser, in which one would like to drive around the Web enjoying car-like independence.

Here in the VRM world, we are in the second camp. But we’d rather leave the fighting up to others, and instead extend an olive branch toward cooperative development of tools that shake hands and work together across both kinds of lines. That’s what I did at the last link, in September. Since then I’ve enjoyed a positive back-channel conversation that I’d like to keep moving forward.

Evidon measured sites across the Internet and found the number of web-tracking tags from ad servers, analytics companies, audience-segmenting firms, social networks and sharing tools up 53% in the past year. (The ones in Mandarin were probably set by the Chinese army.) But only 45% of the tracking tools were added to sites directly by publishers. The rest were added by publishers’ partners, or THEIR partners’ partners.

Then he builds the correct forecast of regulatory squeezery, and concludes with this:

I have spent the better part of the last 15 years defending cookie-setting and tracking to help improve advertising. But it is really hard when the prosecution presents the evidence, and it has ad industry fingerprints all over it — every time. There was a time when “no PII” was an acceptable defense, but now that data is being compiled and cross-referenced from dozens, if not hundreds, of sources, you can no longer say this with a straight face. And we are way past the insanity plea.

I know there are lots of user privacy initiatives out there to discourage the bad apples and get all of the good ones on the same page. But clearly self-regulation is not working the way we promised Washington it would.

I appreciate the economics of this industry, and know that it is imperative to wring every last CPM out of every impression — but after a while, folks not in our business simply don’t care anymore, and will move to kill any kind of tracking that users don’t explicitly opt in to.

Here is where this will lead by 2020: The ability of individuals to signal their intentions in the marketplace will far exceed the ability of corporations to guess at those intentions, or to shape them through advertising. Actual relationships between people and processes on both sides of the demand-supply relationship will out-perform today’s machine-based guesswork by advertisers, based on “big data” gained by surveillance. Advertising will continue to do what it has always done best, which is to send clear signals of the advertiser’s substance. And it won’t be confused with its distant relatives in the direct response marketing business.

The follow-up question was, “What do we need to do now for this future?” My answer to that one:

Three things.

First, make sharper distinctions between brand and direct response advertising — distinctions that make clear that the latter is a different breed, with different virtues, methods and metrics.

Second, follow and encourage the development of tools that give individuals more independence and ability to engage.

Third, do more research on the first two, so we have better tracking of trends as they develop.

VRM was a hot topic at IIW last week, with at least one VRM or VRM-related breakout per session — and that was on top of the VRM workshop held at Ericsson on Monday, April 30, the day before IIW started. (Thanks to Nitin Shah and the Ericsson folks for making the time and space available, in a great facility.) Here’s a quick rundown from the #IIW14 wiki:

The hot edge of VRM right now is in South Africa, where TrustFabric (@TrustFabric, also mention ed in the prior post) is answering that country’s approach to personal privacy concerns with TrustFabric Connect. Let’s help them out. Note also that they’re helping the rest of us by making their code free (GPL v2) and therefore also open source.

During the Industrial Age, the power asymmetry between vendor and customer got so steep that vendors got to talking about customers as if the latter were cattle or slaves. Customers became “targets” that vendors “captured,” “acquired,” “locked in” and “managed.” As the Information Age dawned, however, customers gradually became more independent. So, midway into the second decade of the new millennium, customers were no longer the ones being managed. Nor, however, were vendors. Instead, relationship itself was managed by both parties.

I believe that access to data, ever more personalized, is a trend that will shape our world—online and off—for the coming decade and lead to changes more profound and comprehensive that anything we’ve seen yet. This is the idea behind David Siegel’s book Pull (read my blog post on the Power of Pullor listen to the podcast for more). David’s book paints a compelling picture that is breath taking in its scale and scope; there is no aspect of our lives that won’t be impacted by these changes. I think it’s impossible to overstate their importance.

I’ve been loving David’s book even before it hit the streets, and not just because he gives generous props to VRM in it. I love it because David sees demand working to help supply — on the individual level. Our demand, as individuals, has native power that does not show up only in aggregate sums. Each of us differs not only in our wants and needs, but in our abilities to satisfy them, with the help of sellers. In the past we borrowed those abilities from vendors offering the same things to many. In the future we’ll contribute those abilities to common cause. That common cause is an improved marketplace.

Markets are where demand and supply meet. In both literal and virtual ways, they are common ground. They also don’t exist in vacuums. They are built.

In the Industrial Age, they were built mostly by sellers. At the heights of that age, they defined the “free market” as “your choice of silo” or “your choice of captor.” To a high degree that’s still the case. Just look at your “agreement” with a mobile phone carrier for evidence of that “freedom” at work. Also at your choice of other “agreements”.

Captors will persist, but they’ll have ever-improving competition from companies that find free customers more valuable than captive ones. Pull provides helpful advice to companies that would rather be in the latter group.

Pull’s subtitle is “The Power of the Semantic Web to Transform Your Business.” SemanticWeb.org‘s first paragraph begins this way:

The Semantic Web is the extension of the World Wide Web that enables people to share content beyond the boundaries of applications and websites. It has been described in rather different ways: as a utopic vision, as a web of data, or merely as a natural paradigm shift in our daily use of the Web.

It is the brainbaby of Tim Berners-Lee, who invented the Web itself. It is also not the only approach to the problems it works to solve and the world it works to make. Another is XDI, which is the brainbaby of Drummond Reed and other good friends. They are not the same, though they do some of the same things. Both also do things the other does not, friends in both camps tell me.

My favorite session at IIW was one in which work (which I’m leading) on an RDF-based implementation of EmanciPay was attended via Skype by the four project administrators (one of whom is a Google Summer of Code student and two of whom are students at MIT’s CSAIL, where one of those two is advised by Sir Tim himself), plus Drummond Reed, Phil Windley, Paul Trevithick, Trent Adams and _____ (I have his name around here somewhere) of the Mozilla Foundation, which is relevant because EmanciPay will appear first as a browser plug-in, starting with FireFox. That the parties involved compete in some ways matters less than the common ground they all require, and are helping build out. Around the table there was openness and generosity from all corners.

The biggest markets are not the ones you keep to yourself. They’re the ones you build for everybody.

And when you’re building public markets you need to pay special attention to the public spaces and places: the streets and public plazas, the adjoining ports and transport systems, and the geology beneath all of it.

What I suggest, as we move forward from our separate positions, from our separate yet overlapping technologies, is that the frontier in the market’s public spaces is relationship.

Even the most shallow and temporary relationships are entities that exist between parties, not just within either party. This between space is the frontier that matters most right now.

That frontier is legal as well as technical. The challenge, however, is not to “get legal” in the usual sense. It’s to drive future law, and norms, with code and practice. That is, with what we make and what we do with it, quite aside from whatever standing law might require — or seem to require.

We’ve had enough of getting legal already. Think about that every time you click on some vendor’s “accept” button after not reading their terms of service or privacy policies. What you’re doing is going inside that vendor’s silo.

The agreements we need are less formal and more binding than those things, which lawyers call contracts of adhesion. You don’t click on an “accept” button when you go into a restaurant or a bike shop, even though the legal contexts of your actions are plentiful. That’s because you and the owners of the store have a middle ground. You understand each other as free and independent beings, not as captor and captive.

This makes for an interesting frontier, and a lot to talk about before and during our upcoming gatherings.

Forrester predicts the era of Social Commerce, the future of the social Web as I see it, starts to embrace a corporate philosophy and supporting infrastructure that migrates away from CRM and even sCRM to one of Social Relationship Management or SRM. This will usher in the fifth era as observed by Forrester. And, SRM is also acutely cognizant of and in harmony with VRM (Vendor Relationship Management).

VRM is the opposite of CRM, capsizing the concept of talking at or marketing to customers and shifting the balance of power in relationships from vendors to consumers. As such, systems are created to empower consumer participation and sentiment and improve products and services with every engagement.

Should we think the unthinkable and finally adopt a set of new rules which are aligned to actually what is happening this new world of social collaboratio online? Yes I do think so.

Nowadays the science of selling has gone much further with ‘relationships selling” as distinct from “transactional selling” and is even being inverted in the form of “soft selling” or should that now be “soft buying”. It goes beyond selling, organisations have CRM (Customer Relationship Management) processes and systems and are now starting to realise that they need to provide their customers with access to VRM (Vendor Relationship Management) processes and, possibly, systems. There had always been some people who understood it, but there was a development of a general realisation that “selling” and other related areas are manageable!

I believe here John is talking about VRM in a B2B context, where it has been used for many years. Still, it speaks to the need for customers to interact with companies that have transparent and available processes.